5 matches found
Dropbear Post-authentication root RCE Vulnerability (CVE-2017-9078)
Dropbear is prone to a post-authentication root remote code execution RCE vulnerability. SPDX-FileCopyrightText: 2017 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE =...
CVE-2016-7409
The dbclient and server in Dropbear SSH before 2016.74, when compiled with DEBUGTRACE, allows local users to read process memory via the -v argument, related to a failed remote ident...
UBUNTU-CVE-2016-7407
The dropbearconvert command in Dropbear SSH before 2016.74 allows attackers to execute arbitrary code via a crafted OpenSSH key file...
UBUNTU-CVE-2016-7408
The dbclient in Dropbear SSH before 2016.74 allows remote attackers to execute arbitrary code via a crafted 1 -m or 2 -c argument...
openSUSE Security Update : dropbear (openSUSE-2016-912)
This update for dropbear fixes four security issues bnc990363 : - A format string injection vulnerability allowed remotes attacker to run arbitrary code as root if specific usernames including '%' symbols could be created on the target system. If a dbclient user can control usernames or host...